What do you need to know about the argument over the iPhone owned by the San Bernadino shooter?
This past week there has been a huge battle brewing between Apple and the FBI. The war is being waged over a single iPhone. That iPhone belonged to one of the attackers in the San Bernadino shooting on Dec. 2, 2015, in which fourteen people were killed and another twenty-two were injured. The police believe that the phone may contain more information about the shooter, including any contacts, or messages he sent to any other conspirators or terrorist organizations.
What's the Issue?
The shooter's phone was backed up six weeks before the attack to iCloud, and the FBI does have access to this backup, however, the six weeks before the event are what investigators are most interested in. The attacker was killed in a shootout with police, so they can’t just ask for the passcode. The phone was also a model 5C, which doesn’t have a finger print scanner, so even if they had his finger, the FBI still couldn’t unlock the phone.
The issue is that the phone is encrypted automatically with the passcode, and there are safeguards in place that slow down attempts to unlock it. For example, iPhones will only allow a couple of passcode tries before the phone makes you wait to try again. It could take as much as an hour between guesses, which makes trying to brute force the pass code a very slow process.
But that's not all: there's another security feature on the iPhone where, after ten tries, the phone completely erases itself. That’s right: the phone basically self-destructs, leaving any data inaccessible for investigators. Now this is great for people who don’t want our personal information in the hands of a thief, but for the FBI, this feature poses a large problem—mostly because they don’t know if this feature in enabled.
So, that's why the FBI asked for Apple’s help in unlocking the phone.
The FBI’s Argument
A Federal Judge ordered Apple to help the FBI unlock the phone last week, and this is where everything went public. The FBI wants Apple to create a custom firmware to put on the attackers iPhone 5C that will bypass the time limitation (the one that locks the phone for an hour between each guess). It also wants Apple to allow input onto the phone from another device so that some poor intern doesn’t have to spend the next three months manually typing in passwords. The last request is that it wants Apple to remove the self-destruct feature from that specific phone.
In short, the FBI is not asking for a direct crack of the encryption of the phone. They simply want to make it a little bit easier to break into the phone. The goal of the FBI is to create a device that will brute force the pin (by trying every pass code 0000 all the way to 9999). Now if the one-hour limit were in place, it would take the FBI over a year to try every pin. The FBI would mail the phone to Apple, which would set the custom firmware on it, and then ship it back to the FBI. Apple would not be giving the FBI the custom firmware that could be used on any other iPhone.
On February 16, 2016, Apple published a public letter to its customers detailing the situation it was being forced into by the FBI. It’s really well written, and I highly recommend that you read it. Whether you like Apple or not, their phones are built extremely well with secure encryption running under the hood.
The FBI is asking Apple to write a program to completely undermine the protections that they put in place. This puts Apple in an awkward position, because they have created a secure product, which not even the FBI can penetrate. However, now they are being forced to create software that will break all of their own safeguards.
Even though Apple would have only created this new operating system for this one purpose, once the software is written, they have weakened their own product. Furthermore, the FBI cited the All Writs Act of 1789 in order to justify their request. Can we just take a moment to think about the fact that the FBI is using a law from over two hundred years ago to justify their request?